User Roles and Permissions
User Roles and Permissions
Learn how to effectively configure and manage user roles and permissions in the Shifts platform to ensure appropriate access control and optimize your organization’s workflow.
Overview
The Shifts platform uses a comprehensive role-based access control system that allows you to define exactly what each user can see and do. This article explains how to understand, configure, and manage user roles and permissions to maintain proper security while enabling efficient operations.
Understanding Role Types
The Shifts platform includes several types of roles:
System Roles
These are predefined roles that determine a user’s baseline permissions:
- Super Admin: Complete access to all features and settings within the business
- Admin: Full operational access to manage users, schedules, and settings
- Manager: Operational oversight with location-specific management capabilities
- Staff/Member: Regular employees with basic self-service permissions
Organizational Roles
These are business-specific roles that can be customized to match your organizational structure:
- Default Organizational Roles:
- Director
- Regional Manager
- District Manager
- Location Manager
- Supervisor
- Team Member
- Custom Organizational Roles: You can create custom roles specific to your business needs, with defined hierarchy levels
Accessing Role Management
To manage roles and permissions:
- Navigate to Admin > User Management > Roles & Permissions
- Select the role you want to modify, or click Create New Role to add a custom role
- Use the permissions panel to configure access rights for the selected role
Setting Up Role Hierarchy
The role hierarchy determines how permissions flow through your organization:
- From the Roles & Permissions page, click Role Hierarchy
- Drag and drop roles to arrange them in the correct hierarchical order
- Higher-level roles automatically have authority over lower-level roles
- Click Save Hierarchy to apply your changes
Permission Configuration
Permissions are organized by feature areas and actions:
Features and Actions
Each permission consists of a feature and allowed actions:
- Features: Shifts, Users, Locations, Reports, Settings, etc.
- Actions: View, Create, Edit, Delete, Approve, Manage
Permission Inheritance
When assigning permissions, you can specify how they propagate through the hierarchy:
- Self Only: Permission applies only to the user with this role
- Direct Reports: Permission applies to this role and direct subordinates
- Full Hierarchy: Permission applies to this role and all levels below
- Custom Depth: Permission applies to N levels below this role
Location-Based Permissions
Roles can be further refined by location assignments:
- Go to Admin > Locations > User Assignments
- Assign users to specific locations
- Users with location assignments can only access data for their assigned locations
- Higher-level roles in the location hierarchy have authority over all locations in their branch
Managing Users and Roles
To assign roles to users:
- Navigate to Admin > User Management > Users
- Select a user to edit or click Add New User
- In the user profile, select the appropriate organizational role
- Assign locations if applicable
- Click Save to apply changes
Common Role Configurations
Location Manager
Typical permissions include:
- View and manage shifts at their location
- Approve time off requests for their staff
- Create and edit schedules
- View reports for their location
Regional Manager
Typical permissions include:
- View and manage shifts across multiple locations
- Approve manager time off requests
- Create and edit schedules across locations
- View consolidated reports for their region
Permission Templates
For quick setup, the system includes templates for common roles:
- From the Roles & Permissions page, click Templates
- Select a role type that most closely matches your needs
- Apply the template, then customize as needed
- Click Save to apply the template
Auditing Role Assignments
To review current role assignments:
- Navigate to Admin > User Management > User Access Report
- View a complete list of users with their assigned roles and locations
- Use filters to focus on specific roles or locations
- Export the report for documentation or review
Best Practices
For optimal results when managing roles and permissions:
- Follow the Principle of Least Privilege: Grant only the permissions needed for each role
- Review Regularly: Audit role assignments and permissions quarterly
- Use Role Templates: Start with templates, then customize as needed
- Document Custom Roles: Maintain documentation of your role structure and permissions
- Test New Roles: Before wide deployment, test new roles with a small user group
- Consider Location Structure: Align role hierarchy with your location hierarchy
- Maintain Super Admin Backup: Ensure at least two users have Super Admin access
Related Resources
This article should be updated when:
- New system roles are added
- The permission inheritance model changes
- New permission types or categories are added
- The role management interface is updated
- Location-based permission features change
- New permission templates are added